Description
WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently reset the password of any user, including administrator. WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files versions 3.1 - 3.1.1.4.1 are vulnerable.
Remediation
Update to plugin version 3.1.1.4.2 or latest
References
Related Vulnerabilities
Oracle Database Server CVE-2014-6542 Vulnerability (CVE-2014-6542)
Oracle Database Server CVE-2014-6453 Vulnerability (CVE-2014-6453)
WordPress Plugin Form Builder CP Unspecified Vulnerability (1.2.15)
WordPress Plugin Login with Azure (Azure SSO) Cross-Site Scripting (1.4.4)
WordPress Improper Input Validation Vulnerability (CVE-2017-6815)